hey Ben, we surely already love your content, but, for those like me, who are new to the industry, trying to learn and move forward, we need the technical, very basic content, this will help us understand more in depth how things goes. thank you again for the great content you are delivering, and for the amount of dedication you are putting in
When there is an issue or something you understand you should go down the rabbit hole and” master “ it. I’m sure you’re doing well now, this comment was a year ago! But this comment is for people just learning 😁
As CEO of a startup please keep this stuff coming. It took a lot to convince the dev team that exploits weren’t just down to weak passwords so I arranged an in house demo. Jaws dropped. This stuff builds so much awareness. Thank you!
You have helped me a lot as I am stepping into Bug Bounties. I have loved connecting with the people in your discord and have learned so much! I am 1 semester away from getting my bachelor's in computer science and your content as well as the people I found through your community have been invaluable to my success. Thank you so much!
While I may not have commented before, I've been an avid admirer of your work. As an aspiring pentester, I find your technical content to be precisely what I seek. While your other content is commendable, it's ultimately the expertise you bring that I look up to for learning. Your contributions are truly appreciated.
Yes, this is great. From a web developer perspective. I'm trying to under how my server side applications could be hacked and this is great content. Please, continue.
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Man, keep both coming.!! maybe pick a day to post technical and assign another day for the mentorship aspects or something... Either way ... BOTH ARE EQUALLY IMPORTANT FOR SUCCESS!! ...Also i would love a video on how to transfer from labs /ctf into hacking real world apps. As the fundamentals are the same or close but also very different in alot of ways.
I would like to see one of the vulnerabilities you have found and walk through the info gathering stage all the way to the post exploit while explaining the mindset/methodology
Haya! I have quite a lot of experience in pentesting webapps, but i do not have any experience in hosting an instance of a webserver, securing it or being able to load an insecure server, but in a secure way cause we don't want a creepy scanner rooting it and being malicious when i want to test it :P So my question, could you make a lill tutorial in how to, for example, use a docker or maybe host a site in different means through a Digital Ocean instance? :P Would be fun to learn a little bit about it and then being able to pentest towards it. By learning this, one can use your knowledge to host a file hosting instance to make an RFI etc, which is a bit difficult without an outwards facing host ^^ Stay safe and happy late Easter!
Thanks for helpful content! It would be great if u could do more specific showcases about blind SSRF. For example there is a case that I only receive the DNS queries back to the collab. I guess because of outbound restriction but it seems like the server was trying to reach to that domain. Any way in this case that you can prove the ssrf is there with just DNS? Or do you have any suggestion on setting up things in internal network to prove the vulnerability is there? Was a long comment but hope u could imagine the case 😂 thanks
hey Ben, we surely already love your content, but, for those like me, who are new to the industry, trying to learn and move forward, we need the technical, very basic content, this will help us understand more in depth how things goes. thank you again for the great content you are delivering, and for the amount of dedication you are putting in
When there is an issue or something you understand you should go down the rabbit hole and” master “ it. I’m sure you’re doing well now, this comment was a year ago! But this comment is for people just learning 😁
Content + real vulnerability example would be great 🔥
Never thought I could learn SSRF in a more comprehensive way by under 15 minutes! Thanks man!
Thanks! I'm glad it helped!
@NahamSec دمت گرم مهندس، ارادت
As CEO of a startup please keep this stuff coming. It took a lot to convince the dev team that exploits weren’t just down to weak passwords so I arranged an in house demo. Jaws dropped. This stuff builds so much awareness. Thank you!
You have helped me a lot as I am stepping into Bug Bounties. I have loved connecting with the people in your discord and have learned so much! I am 1 semester away from getting my bachelor's in computer science and your content as well as the people I found through your community have been invaluable to my success. Thank you so much!
While I may not have commented before, I've been an avid admirer of your work. As an aspiring pentester, I find your technical content to be precisely what I seek. While your other content is commendable, it's ultimately the expertise you bring that I look up to for learning. Your contributions are truly appreciated.
OFC it would be truly helpful to see more content like this
Fully in with technical vids, especially when you chain these with Real life vulns you have found 👌
100% both. I like the nuance you teach here. For example login page and SSRF. This is fantastic content.
More content is needed like this along with real life examples that you experienced during bug bounty or other testing application
Content + real+technical aspect of pen testing and bug hunting .Thanks
Yes, this is great. From a web developer perspective. I'm trying to under how my server side applications could be hacked and this is great content. Please, continue.
Hey I absolutely love this, I would love to learn from more technical videos like this.
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Man, keep both coming.!! maybe pick a day to post technical and assign another day for the mentorship aspects or something... Either way ... BOTH ARE EQUALLY IMPORTANT FOR SUCCESS!! ...Also i would love a video on how to transfer from labs /ctf into hacking real world apps. As the fundamentals are the same or close but also very different in alot of ways.
Yes, more content like this please 😁
Waiting for this type of content ; please Continue Ben :)
Yea would love this type of content plz part 2
Thank you very much, I hope you'll continue doing these kind of videos 😊
yes please, give us more content of this kind.
I would like to see one of the vulnerabilities you have found and walk through the info gathering stage all the way to the post exploit while explaining the mindset/methodology
Soon :)
East or West, naham is the best.
Super down with more technical content!
fantastic :o , i would like to see a full and advanced recon video from you :)
Hi man, I would like to hear you how to do bug bounties exactly and maybe if you can show on live all the necessary steps to do it
We really want this explain bugs for beginners and give us some advice about the bug i really wish u make playlist for this !! thank u alot
Would love to see more technical content! TIA
both content is fine and some free tutorials
we need more part of this
Just what we need Ben 😊 thank you 👏🏻
Great Content; More Please 🤑
part 2? more content like this!
more content like this please
Haya!
I have quite a lot of experience in pentesting webapps, but i do not have any experience in hosting an instance of a webserver, securing it or being able to load an insecure server, but in a secure way cause we don't want a creepy scanner rooting it and being malicious when i want to test it :P
So my question, could you make a lill tutorial in how to, for example, use a docker or maybe host a site in different means through a Digital Ocean instance? :P
Would be fun to learn a little bit about it and then being able to pentest towards it. By learning this, one can use your knowledge to host a file hosting instance to make an RFI etc, which is a bit difficult without an outwards facing host ^^
Stay safe and happy late Easter!
I think you should pivot to doing Unboxing Videos. If that's not in the cards then please keep the technical videos coming!
Ben One Suggestio | Make a precise playlist of OWASP TOP 10 2021 | Like a 10 min video / on each critical vulnerability
Yes more content like this pls
I’d love more technical videos
You are great bro
more content like THIS!
More real bugbouty tech work
part 2 or complete playlist on the web Vuln
Perfect type of content 😃👍
stay consistent big bro
Hi NahamSec, I'm a regular viewer of your content.can you make video on business logic in dept!! waiting for it
Creat a playlist content like the types of vulnerabilities and bugs that are common or rate easy to hard like xss or account takover
I love this content make more please
Epic, Part 2 please.
Thanks for helpful content! It would be great if u could do more specific showcases about blind SSRF. For example there is a case that I only receive the DNS queries back to the collab. I guess because of outbound restriction but it seems like the server was trying to reach to that domain. Any way in this case that you can prove the ssrf is there with just DNS? Or do you have any suggestion on setting up things in internal network to prove the vulnerability is there?
Was a long comment but hope u could imagine the case 😂 thanks
Drop video with all of the topic you mentioned in the video.
More content like this 🙂🙏❤️🔥
Is Bola and idor the same type of vulnerability with different names
Part 2 please
😍
More, more more real world how to once we have done recon. We need to know the steps on how to find bugs.
please post content like this...thank you
What to do if we don't have burp collaboraor ?
more vcontent like this cover all top 10 owasp vulnerability please...
More please!
More part 2. Need more technical vids
More parts on this topic ..
Part two
Please create similar content to this and please add Hindi subtitles for a better understanding
Vulnerability content or owasp top 10 pls
more content on web attacks
yup yup more tutorials for hacking and IT stuff how to do ore bypass
It was awesome
Next xxe plz
I would like to see basic contents like this.
Love this!
MORE CONTENT !!!
part 7 we want
Part 2 please....
we need location traking tutorial
PART 2 BRO DEFO
web hacking content more please
more content like thiss
Part 2!
more and more plz
I reported my browser 😂
Preach!
More pls =)
theory is all good but when it comes to practical i'm hopeless.
Want more vdo
More content
Part2
I love you naham
Make more technical content
PART-2
Part 2 ,,4,5,6,7,8,9,-----,99999
part 2
💙
😊
location hack
I make hacking videos
Bad explanation with a lot or wrong info
Part 2
part 2
Part 2